For several months now, I’ve been meaning to post to this blog an entry about Docker. My primary tasks within the HP Advanced Technology Group over the last few months have been to research both Docker and Ansible. I hope this post will serve to provide some basic understanding and context for the Docker project in particular, and set the foundation for future posts on the work I’ve been doing.

A container is an operating-system level virtualization method that provides a completely isolated environment, simulating a closed system running on a single host. It gives the user the ability to have an environment to do whatever is needed; in particular develop and run applications with the necessary resources and environment configuration.

There are numerous types of container mechanisms and technologies such as chroot, OpenVZ, Parallels, FreeBSD Jail, Linux Containers (LXC), and libcontainer, which is the default execution environment.

The basic idea of a container is to contain a process or set of processes such that they appear to have their own PID and are not visible outside of the container. This also means networking, users, disk, and other aspects that make an environment usable. This isolation is made possible on Linux using a number of kernel features: kernel namespaces (network, user, IPC, uts, PID, and mount), cgroups, Apparmor/SELinux profiles, and secomp policies.

Docker is developed by Docker.inc (formerly DotCloud), the corporate entity behind the Docker project. As described on the website, Docker is a « an easy, lightweight virtualized environent for portable applications ». To elaborate, Docker is an application the extends containers (as opposed to virtual machines). Specifically, its value is that is makes it incredibly easy to manage containers and that it makes it possible to deploy applications in manageable units that can run anywhere. The days of having to deal with the hassle of application dependencies across various Linux variants or even different types of virtual machines or hardware are now made trivial. With Docker, you can build your application in a container that runs on your laptop or on a virtual machine and be assured that it can also run in any environment. This truly is revolutionary in terms of software development, testing and deployment.